12. NIST FIPS SP80012
NIST FIPS/SP800
(NIST; National Institute of Standards and
Technology)
FIPS; Federal Information Processing Standards:
NIST
SP800; Special Publication:
12
: https://www.ipa.go.jp/security/publications/nist/
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 12 / 34
14. IETF RFC
RFC (Request for Comments)
IETF (Internet Engineering Task Force)
13
( )
ITU-T ISO
Rough
13
https://www.nic.ad.jp/ja/rfc-jp/RFC-Category.html
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 14 / 34
15. RFC 5 :
Standards Track: Proposed Standard → Internet Standard
Informational:
RSA PKCS#1 v2.1 = RFC8017
Experimental:
Historical:
Best Current Practice:
Standard Track, Informational, Experimental PKCS
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 15 / 34
16. RFC
1: OpenID Connect
: JWS14
, JWE15
, JWK16
, JWT17
OpenID
Foundation RFC Standards Track
2: PKCS#1, #5, #9 RSA
Informational RFC
3: HTTPS TLS v1.318
Standards Track
RFC
14
JSON Web Signature https://tools.ietf.org/html/rfc7515
15
JSON Web Encryption https://tools.ietf.org/html/rfc7516
16
JSON Web Key https://tools.ietf.org/html/rfc7517
17
JSON Web Token https://tools.ietf.org/html/rfc7519
18
https://tools.ietf.org/html/rfc8446
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 16 / 34
17. ISO/IEC JTC 1
ISO19
/IEC20
JTC (Joint Technical Committee) 1
ISO IEC
27 subcommittee
(SC27)
ISO/IEC JTC 1
19
; International Organization for Standardization
20
; International Electrotechnical Commission
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 17 / 34
18. ISO/IEC JTC1 SC27 5 Working Group 21
WG2
WG 1 (
ISMS)
WG 2 :
WG3
WG4
WG5
21
https://www.itscj.ipsj.or.jp/hyojunka/h_sn_member/h_sn_katsudo/h_sn_
katsudo2013/sc27_2013.html
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 18 / 34
19. W3C (World Wide Web Consortium)
W3C
WWW Web
API HTML, XML, DOM
(Recommendation)
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 19 / 34
20. W3C WG (Working Group)
WebCrypto WG22
: WebCrypto API
WebAuthn WG23
: FIDO
24
22
https://www.w3.org/2012/webcrypto/ Close
23
https://www.w3.org/blog/webauthn/
24
FIDO2 WebAuthn
https://www.w3.org/2019/03/pressrelease-webauthn-rec.html.ja
FIDO2 CTAP ITU-T
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 20 / 34
21. ITU-T SG17
ITU-T (International Telecommunication Union Telecommunication
Standardization Sector) SG17 (Study Group 17) 25
ITU-T: ITU (International Telecom. Union; )
Study Group 17: ITU-T
25
https://www.ituaj.jp/wp-content/uploads/2016/07/2016_08-06-spotITU-T.pdf
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 21 / 34
22. ITU-T SG17 SDN IoT ITS
SPAM ID
FIDO
26
26
FIDO UAF 1.1 CTAP https://fidoalliance.
org/fido-alliance-specifications-now-adopted-as-itu-international-standards/
Web FIDO2 WebAuthn W3C
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 22 / 34
23. ;
CRYPTOREC27
(2000 )
NESSIE28
EU (2000 )
27
Cryptography Research and Evaluation Committee
28
New European Schemes for Signature, Integrity, and Encryption
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 23 / 34
24. IETF (RFC), ISO, NIST
29
29
PKCS RSA Labs. IETF
Internet Draft
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 24 / 34
32. SEC2: SECG 44
ANSI X9.62: 45
NIST FIPS186-4: 46
47
NIST
FIPS 186
44
http://www.secg.org/sec2-v2.pdf
45
American National Standards Institute, “Public Key Cryptography for the Financial Services
Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA),” ANSI X9.62, November 2005.
46
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
47
https://tools.ietf.org/html/rfc8422#appendix-A
Jun Kurihara (Zettant Inc./U-Hyogo) E2E Security with JS Appendix January 26, 2020 32 / 34